Secure authentication protocol systems and methods
Abstract
An input device of a secure authentication protocol system may receive at least one user authentication factor in a pre-boot session. The input device may verify the received authentication factors and may store the verified authentication factors. During a post-boot session, the input device may communicate the verified authentication factor and a stored post-boot session credential received during a prior post-boot session to an authentication engine executing in a trusted execution environment. The authentication engine verifies the received post-boot session credential is logically associated with an immediately preceding post-boot session. Upon successful verification of the received post-boot session credential, the verified authentication factors or data indicative of a successfully verified authentication factor received during the pre-boot session are used in the current post-boot session.
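The following sketch is an added illustration of the flow the abstract describes and is not code from the patent. It models the replay check on a rolled-forward session credential. The HMAC and PBKDF2 constructions, the integer session counter held by the engine, the `STEP` value and all class and function names are assumptions made for this example.

```python
import hashlib
import hmac

STEP = 1  # assumed "defined value" by which each post-boot session advances the counter

def factor_key(factor: bytes, salt: bytes) -> bytes:
    # Key derived from the first authentication factor (PBKDF2 is an assumption).
    return hashlib.pbkdf2_hmac("sha256", factor, salt, 50_000)

def session_credential(key: bytes, counter: int) -> bytes:
    # Credential bound to one post-boot session through its counter value.
    return hmac.new(key, b"post-boot|" + counter.to_bytes(8, "big"), hashlib.sha256).digest()

class InputDevice:
    def __init__(self, enrolled_factor: bytes, salt: bytes):
        self._salt = salt
        self._enrolled = factor_key(enrolled_factor, salt)
        self.verified_key = None  # set only after a successful pre-boot check
        self.stored_credential = session_credential(self._enrolled, 0)  # provisioned at enrollment

    def pre_boot(self, factor: bytes) -> bool:
        key = factor_key(factor, self._salt)
        ok = hmac.compare_digest(key, self._enrolled)
        self.verified_key = key if ok else None
        return ok

class AuthEngine:  # stands in for the engine running in the trusted execution environment
    def __init__(self):
        self.counter = 0  # counter value of the immediately previous post-boot session

    def post_boot(self, device: InputDevice, presented: bytes) -> bytes:
        if device.verified_key is None:
            raise PermissionError("no verified pre-boot factor")
        expected = session_credential(device.verified_key, self.counter)
        if not hmac.compare_digest(presented, expected):
            raise PermissionError("credential is not from the immediately previous session")
        self.counter += STEP  # roll forward, then issue the current session's credential
        device.stored_credential = session_credential(device.verified_key, self.counter)
        return device.stored_credential

def demo() -> dict:
    # Constructed factor and salt values, for illustration only.
    dev, eng = InputDevice(b"constructed-pin-4711", b"constructed-salt"), AuthEngine()
    results = {"wrong_factor": dev.pre_boot(b"guess")}
    dev.pre_boot(b"constructed-pin-4711")
    old = dev.stored_credential
    results["rotated"] = eng.post_boot(dev, old) != old
    dev.pre_boot(b"constructed-pin-4711")  # next boot
    eng.post_boot(dev, dev.stored_credential)
    try:
        eng.post_boot(dev, old)  # credential from two sessions ago
        results["replay_rejected"] = False
    except PermissionError:
        results["replay_rejected"] = True
    results["counter"] = eng.counter
    return results
```

Because the engine only accepts the credential tied to the immediately preceding session, a credential captured from any earlier session fails the comparison even when the authentication factor itself is correct.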
146 Citations
25 Claims
1. A system for transferring authentication protocols between a sensor and a platform, the system comprising:
- an input device to, during a pre-boot session;
  - verify received data representative of a first authentication factor;
  - store the verified first authentication factor;
  - store a credential logically associated with a prior session; and
  - verify the prior session using a prior session credential, wherein the prior session credential is logically associated with an immediately previous post-boot environment that includes a defined change that includes incrementing or decrementing the immediately previous post-boot environment by a defined value; and
- an authentication engine to, during a current post-boot session;
  - receive the prior session credential from the input device and verify the prior session credential using the verified first authentication factor; and
  - generate a current post-boot session credential that is logically associated with the current post-boot session.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. An authentication method, comprising:
- during a pre-boot session;
  - verifying, by an input device, a first authentication factor;
  - storing, by the input device, the verified first authentication factor;
  - storing, by the input device, a credential logically associated with a prior post-boot session; and
  - verifying the prior post-boot session using a credential logically associated with an immediately previous post-boot environment that includes a defined change that includes incrementing or decrementing the immediately previous post-boot environment by a defined value; and
- during a current post-boot session;
  - receiving, by an authentication engine, the prior post-boot session credential from the input device and verifying the prior post-boot session credential using the verified first authentication factor; and
  - generating a current post-boot session credential that is logically associated with the current post-boot session.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. An authentication system, comprising:
- means for verifying, during a pre-boot session, a first authentication factor;
- means for storing, during the pre-boot session, the verified first authentication factor;
- means for storing, during the pre-boot session, a credential logically associated with a prior post-boot session;
- means for verifying, during the pre-boot session, the prior post-boot session using a credential logically associated with an immediately previous post-boot environment that includes a defined change that includes incrementing or decrementing the immediately previous post-boot environment by a defined value;
- means for receiving, during a current post-boot session, the prior post-boot session credential;
- means for verifying, during the current post-boot session, the received prior post-boot session credential; and
- means for generating, during the current post-boot session, a credential that is logically associated with the post-boot session.
Dependent claims: 23
24. A storage device including machine-readable instructions that, when executed by one or more circuits, cause the one or more circuits to:
- during a pre-boot session;
  - verify, via an input device, a first authentication factor;
  - store, via the input device, the verified first authentication factor;
  - store, via the input device, a credential logically associated with a prior post-boot session; and
  - verify the prior post-boot session using a credential logically associated with an immediately previous post-boot environment that includes a defined change that includes incrementing or decrementing the immediately previous post-boot environment by a defined value; and
- during a current post-boot session;
  - receive, by an authentication engine, the prior post-boot session credential from the input device and verifying the prior post-boot session credential using the verified first authentication factor; and
  - generate a current post-boot session credential that is logically associated with the current post-boot session.
Dependent claims: 25
Specification